Book Image

VMware NSX Cookbook

By : Bayu Wibowo, Tony Sangha
Book Image

VMware NSX Cookbook

By: Bayu Wibowo, Tony Sangha

Overview of this book

This book begins with a brief introduction to VMware's NSX for vSphere Network Virtualization solutions and how to deploy and configure NSX components and features such as Logical Switching, Logical Routing, layer 2 bridging and the Edge Services Gateway. Moving on to security, the book shows you how to enable micro-segmentation through NSX Distributed Firewall and Identity Firewall and how to do service insertion via network and guest introspection. After covering all the feature configurations for single-site deployment, the focus then shifts to multi-site setups using Cross-vCenter NSX. Next, the book covers management, backing up and restoring, upgrading, and monitoring using built-in NSX features such as Flow Monitoring, Traceflow, Application Rule Manager, and Endpoint Monitoring. Towards the end, you will explore how to leverage VMware NSX REST API using various tools from Python to VMware vRealize Orchestrator.
Table of Contents (19 chapters)
Title Page
Packt Upsell
Foreword
Contributors
Preface
Index

Verifying DFW rules


To verify the rules are deployed on a host and applied to the virtual machine's vNIC, we will need to use the command-line interface. This recipe will show you how to validate DFW rules from both the ESXi host that is prepared for NSX and the NSX manager.

Getting ready

To use the command line for validating DFW rules, make sure you have the following:

  • Access to the NSX manager shell through the VM console or SSH; the default user is admin
  • Access to the ESXi host shell through the ESXi console, DCUI, or SSH; the default user is root

We are interested in the vNIC filter name that the VM uses or attached and we will verify the rules that are applied to that filter name. The filter naming should be nic-#####-eth#-vmware-sfw.2.

How to do it...

This recipe shows how to validate DFW rules from the NSX Manager central CLI and from an ESXi host.

Using NSX Manager central CLI

Follow the steps below and commands on how to verify DFW rules that get pushed into the ESXi host from NSX Manager...